November 2025 – As Black Friday approaches, global cyber security and resilience experts, NCC Group are warning shoppers to be on high alert for the increased risk of online scams. Cybercriminals take advantage of consumers looking for deals during Black Friday to scam consumers and exploit security vulnerabilities.
In a new report, Shop smart this season: Avoid scams, protect your tech, NCC Group outlines the key risks for consumers. The report provides practical steps consumers can take and highlights the growing threat posed by connected devices.
Perfect opportunity for cybercriminals
Black Friday provides a unique opportunity for cybercriminals to strike. According to e-commerce marketing platform Omnisend, Britons are expected to spend nearly £14 billion over Black Friday weekend, up £4 billion from last year. This high volume of sales, with purchases made under time pressure to take advantage of timed deals, creates the perfect conditions for scams. These scams include payment fraud and fake retail websites, with 120,000 fraudulent Amazon websites discovered around Amazon Prime Day (Source: Forbes).
Growing risk of connected devices
With technology and electronics sales expected to make up 45% of Black Friday purchases (Omnisend), cybercriminals are exploiting this demand to catch out consumers. The technology market is flooded with connected devices that, if not regularly maintained and updated, can gift cybercriminals a backdoor into your home network. Whether a speaker, clock, smart lighting, or fitness tracker, security updates can be overlooked by consumers, leaving devices open to attack.
Beware second hand technology
The cost-of-living crisis has fuelled demand for second-hand devices, as people seek more affordable alternatives. But these can pose hidden risks, from being linked to previous owners’ accounts, to containing malware. Deals that appear to be too good to be true, often are. Cybercriminals take advantage of consumer trust, exploiting second hand technology to gain access to your home network. Even seemingly new devices may be tampered with if bought from fake or disreputable websites and all technology must be maintained with security updates.
Andy Davis, Global Research Director at NCC Group, said: “Black Friday notoriously exposes shoppers to scams, creating the perfect environment for cyber criminals. They thrive on the panic and urgency that big sales generate, counting on people to act before they think. Being vigilant is crucial. If something feels off, or feels ‘too good to be true’, it probably is. A cautious mindset is your best defence, especially during high-traffic shopping events when online threats are at their peak.”
Top tips for staying safe:
- Watch out for deepfake ads: Before buying any devices this festive season, make sure that you’re shopping on reputable platforms. Social media scams are increasingly convincing, with deepfake videos luring consumers to fake websites, something 60% of shoppers say they’ve encountered online.
- Keep a checklist when buying tech: Double-check website addresses for spelling errors. Avoid clicking on unfamiliar or suspicious links, and always verify seller profiles, photos and reviews.
- Treat overseas shopping apps with caution: While offers can be tempting, products sold on lesser-known international platforms may not meet UK safety standards. And some have been found with hidden hardware or unverified software that could compromise your data.
- Beware of payment scams: Once you’ve chosen a product, there are still risks at checkout. A lack of professionalism or requests for direct bank transfers are red flags. Stick to trusted payment platforms, use strong passwords and turn on two-factor authentication wherever possible to keep your data secure.
- Know the red flags: Scammers rely on urgency and panic. Question any message that demands quick action or advertises an unbelievable deal. Another common scam during this period is fake charity requests, which use emotional appeals to trick people into giving away money or information.
- Act fast if something feels off: For smart devices, think before connecting them to Wi-Fi to avoid letting attackers into other devices on your network. If you suspect anything, take action immediately. If you’ve made a purchase using a credit card, trusted payment system or your bank, contact your provider immediately to block the payment and freeze your account if needed. Change any affected passwords straight away, using strong and unique combinations to prevent cyber criminals from accessing your accounts. If you clicked on a suspicious link, downloaded an unknown attachment or entered details on a fake website, your device may be infected with malware. Run a full antivirus or security scan using your device’s built-in tools or trusted software to detect and remove any threats.